I am trying to make sure that only one endoint is able to get through to my API. That endpoint is:GET http://external-api.mydomain.com/myapi/v1/fetchData.
( as an example one of the endpoints which should not be reachable: GET http://external-api.mydomain.com/myapi/v1/internalLookup)

No matter how I configure my API-definition I always get

{
"error": "Requested endpoint is forbidden"
}

Key points to notice:

I need an keyless API.

I have tried all of the below mentioned endpoints but nothing helps (I understand that the target is to only have one which works).

If I disabled all whitelist endpoints I have no issue reaching the upstream API.

Thank you so much! This worked out. But do you know why editing in dashboard changes no_action to reply every save, which basically gives me an empty response if I save with dashboard instead of editing the mongoDB document directly?